Financial Sector Cybersecurity Issues and Threats

Major data breaches and an always evolving cybersecurity threat and fraud landscape mean that the financial sector is under constant pressure to keep customer and corporate data safe from hackers.

Last year saw the biggest data breach in UK history with over 20,000 Tesco Bank customers losing money from their accounts. Also in 2016, hackers used hijacked privileged credentials to steal $81 million from vulnerable customer accounts at The Bangladesh Central Bank.

It’s a tough cybersecurity landscape out there – and financial institutions need to stay ahead of hackers. Cybersecurity leaders recently gathered at the SWIFT Business Forum in London to discuss the challenges faced by banks including:

Changes in targets and tactics – JF Legault, cybersecurity global head at JP Morgan, spoke about the changing nature of cybersecurity threats stating, “We saw the advent of malware targeting wholesale banking platforms. Criminals stopped going after simple, low-value monetary amounts and shifted to high-value payment platforms. The reason they did that was a lot more yield on the crime(s) they committed. We also saw a shift toward business email compromise… [and] a high number of breaches affecting the financial sector that led to fraudulent messages.”

False positives – Banks are wasting valuable time flagging activities in the anti-money laundering monitoring systems that are not actually fraudulent. These “false positives” take time away from from strategic activities. Anthony Fenwick, global head of treasury and trade solutions and AML compliance at Citi Group, pointed out, “Our biggest problem in this industry is false positives …the use of electronics and AI have to go hand-in-hand with the best humans. The idea that we remove all human activity from this process misses the point of what we are trying to do.”

Insider threats – Regional vice-president for UK, Ireland, and Northern Europe at CyberArk, Matt Middleton-Leal, underlined that banks most fear attacks that hide behind insider privileges. “They allow cybercriminals to appear as legitimate users, giving them unprecedented freedom to work their way up to their most valuable financial assets.” Gottfried Leibbrandt, CEO at the financial messaging vendor SWIFT chimed in that, bank customers “will always be the weakest link, but at the same time the response should not be ‘let’s fix the weakest link’ but you have to take an end-to-end view.”

Consumer-friendly usability – According to Royce Curtin, managing director of global intelligence at Barclays, big breach is a huge concern, but that must be balanced with providing customers with solutions that want to use. “We work very hard and take very seriously the responsibility of building systems and trust for services that people feel comfortable using.”

How banks can overcome these issues

Improved communication – Better communication and intelligence sharing at financial institutions is a good first step toward building a more robust cybersecurity program.

Actionable insights – Many banks are looking for intelligence that can be quickly turned into an effective response, especially when it comes to landscapes where breaches are more likely to occur. Create actionable intelligence inside the banks and publish it out. Take a strategic view and identify suspicious behaviors (i.e. here is a set of accounts and a volume of transactions that we should be mindful of) so that proper security alerts and timely, effective responses can be undertaken.

How CyberSheath can help

CyberSheath can help companies in the financial sector address many of these issues with security consulting services and expert guidance. We provide Privilege Account Management, which provides strong protection inside the perimeter, security assessments, and best practices recommendations based on experience solving security-related problems for major financial clients. Contact us for your FREE security assessment.